const jwt = require('jsonwebtoken')
const { JWT_SECRET } = require('../config/config.default')
const { tokenExpireError, invalidToken, hasNotAdminPermission } = require('../constant/err.type')

const auth = async (ctx, next) => {
  const { authorization } = ctx.request.header
  const token = authorization.replace('Bearer ', '')
  // const token = authorization.split(' ')[1]
  console.log(token)

  try {
    // user 中包含了 payload 的信息(id, user_name, is_admin)
    ctx.state.user = jwt.verify(token, JWT_SECRET)
  } catch (err) {
    switch (err.name) {
      case 'TokenExpireError':
        console.error('token已过期', err)
        return ctx.app.emit('error', tokenExpireError, ctx)
      case 'JsonWebTokenError':
        console.error('无效的token', err)
        return ctx.app.emit('error', invalidToken, ctx)
    }
  }
  await next()
}

const hadAdminPermission = async (ctx, next) => {
  const { is_admin } = ctx.state.user

  if (!is_admin) {
    console.error('该用户没有管理员权限', ctx.state.user)
    return ctx.app.emit('error', hasNotAdminPermission, ctx)
  }

  await next()
}

module.exports = {
  auth,
  hadAdminPermission
}
